Poster: ESPOONERBAC: enforcing security policies in outsourced environments with encrypted RBAC
Proceedings of the 18th ACM conference on Computer and communications security
Computer Networks: The International Journal of Computer and Telecommunications Networking
Securing data provenance in the cloud
iNetSec'11 Proceedings of the 2011 IFIP WG 11.4 international conference on Open Problems in Network Security
Efficient keyword search over encrypted data with fine-grained access control in hybrid cloud
NSS'12 Proceedings of the 6th international conference on Network and System Security
Toward content-centric privacy in ICN: attribute-based encryption and routing
Proceedings of the 3rd ACM SIGCOMM workshop on Information-centric networking
Toward content-centric privacy in ICN: attribute-based encryption and routing
Proceedings of the ACM SIGCOMM 2013 conference on SIGCOMM
Privacy-preserving data utilization in hybrid clouds
Future Generation Computer Systems
Hi-index | 0.00 |
Current security mechanisms are not suitable for organisations that outsource their data management to untrusted servers. Encrypting and decrypting sensitive data at the client side is the normal approach in this situation but has high communication and computation overheads if only a subset of the data is required, for example, selecting records in a database table based on a keyword search. New cryptographic schemes have been proposed that support encrypted queries over encrypted data. But they all depend on a single set of secret keys, which implies single user access or sharing keys among multiple users, with key revocation requiring costly data re-encryption. In this paper, we propose an encryption scheme where each authorised user in the system has his own keys to encrypt and decrypt data. The scheme supports keyword search which enables the server to return only the encrypted data that satisfies an encrypted query without decrypting it. We provide a concrete construction of the scheme and give formal proofs of its security. We also report on the results of our implementation.